Cyber Doc logo Cyber Doc
Cybersecurity Term

What is cryptojacking?

Unauthorised use of computers or servers to mine cryptocurrency, often causing slowdowns and higher costs.

Malware & Ransomware Last reviewed: 2026-05-20

← Back to Learn Centre

What is cryptojacking?

Cryptojacking happens when attackers use someone else’s computers or servers to mine cryptocurrency without permission.

Simple example

A compromised website or server suddenly runs slowly because hidden mining software is using CPU resources.

Why it matters

It can increase costs, slow systems, and indicate that attackers already have unauthorised access.

Common warning signs

  • The activity is unexpected or unusual for the business context.
  • The request or system behaviour creates pressure to act quickly.
  • Normal approval, verification, or security processes are bypassed.
  • There are signs of unauthorised access, data exposure, or system change.
  • Staff are unsure whether the request, message, or system behaviour is legitimate.

Cyber Doc view

This term should be understood in business context, not only as a technical issue. Good protection usually combines clear processes, appropriate technical controls, staff awareness, and a calm response plan.

What to do

Proactive steps

  • Patch servers and websites regularly.
  • Use endpoint and server monitoring.
  • Monitor unusual CPU usage.
  • Restrict administrative access.
  • Review plugins, scripts, and third-party code.

Reactive steps

  • Investigate unusual resource usage.
  • Remove unauthorised scripts or malware.
  • Patch the exploited weakness.
  • Review logs for how access was gained.
  • Check whether other malicious activity occurred.

Related terms

  • Malware
  • Server compromise
  • Security monitoring